package com.cserver.pro.config;


import com.cserver.pro.realm.UserShiroRealm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.Date;
import java.util.LinkedHashMap;

@Configuration
public class ShiroConfig {

    @Bean
    public UserShiroRealm userShiroRealm(){
        UserShiroRealm userShiroRealm=new UserShiroRealm();
        return userShiroRealm;
    }
    @Bean(name="securityManager")
    public SecurityManager securityManager(UserShiroRealm userShiroRealm){
//        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userShiroRealm);
        return securityManager;
    }

    /**
     * Shiro过滤器配置
     */
    @Bean(name="shiroFilter")
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        // Shiro的核心安全接口,这个属性是必须的
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        // 身份认证失败，则跳转到登录页面的配置
        shiroFilterFactoryBean.setLoginUrl("/sysUser/unLogin?code=1");
        // 权限认证失败，则跳转到指定页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/sysUser/unLogin?code=2");
        // Shiro连接约束配置，即过滤链的定义
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        filterChainDefinitionMap.put("/sysUser/login", "anon");
        filterChainDefinitionMap.put("/sysUser/unLogin", "anon");
        Date date = new Date();
       // filterChainDefinitionMap.put("/**","authc");
       // filterChainDefinitionMap.put("/sysUser/*authc");

        // 系统权限列表
        // filterChainDefinitionMap.putAll(SpringUtils.getBean(IMenuService.class).selectPermsAll());

//        Map<String, Filter> filters = new LinkedHashMap<String, Filter>();
//        filters.put("onlineSession", onlineSessionFilter());
//        filters.put("syncOnlineSession", syncOnlineSessionFilter());
//        filters.put("captchaValidate", captchaValidateFilter());
//        filters.put("kickout", kickoutSessionFilter());
//        // 注销成功，则跳转到指定页面
//        filters.put("logout", logoutFilter());
//        shiroFilterFactoryBean.setFilters(filters);

        // 所有请求需要认证
      //  filterChainDefinitionMap.put("/**", "user,kickout,onlineSession,syncOnlineSession");
       // shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
      //  filterChainDefinitionMap.put("/**","authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }



    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor=new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

//    @Bean("simpleMappingExceptionResolver")
//    public SimpleMappingExceptionResolver simpleMappingExceptionResolver() {
//        SimpleMappingExceptionResolver resolver = new SimpleMappingExceptionResolver();
//        Properties mappings = new Properties();
//        mappings.setProperty("org.apache.shiro.authz.UnauthorizedException", "/sysUser/unLogin?code=2");
//        resolver.setExceptionMappings(mappings);
//        return resolver;
//    }
}
